Introduction

Organizations across Europe [2], the Middle East [2], and Africa (EMEA) are facing a significant increase in infostealer attacks [2], which pose a substantial threat to cybersecurity. This trend highlights the vulnerabilities in current security practices and the growing sophistication of cybercriminal activities.

Description

Organizations in Europe [2], the Middle East [2], and Africa (EMEA) are experiencing a significant surge in infostealer attacks [2], with a reported 58% increase over the past year [2]. Currently, over 10 million stolen login credentials associated with EMEA organizations are being sold on underground cybercrime markets, particularly on the dark web.

Prominent infostealer malware strains [2] [3], including AgentTesla [1] [2], Lumma Stealer [1] [2] [4], and FormBook [1] [2] [4], primarily target VPN credentials and authentication tokens [2], highlighting the vulnerabilities associated with unmanaged devices and bring-your-own-device (BYOD) policies. Theft of these credentials and tokens enables cybercriminals to bypass multifactor authentication (MFA), facilitating persistent access to corporate networks. The rise in infostealer activity is also contributing to an uptick in session hijacking [2], which has become a primary technique for circumventing MFA.

Sergey Shykevich [1], Group Manager of Threat Intelligence at Check Point Software [1], emphasizes that cybercriminals are now selling access to compromised systems, fostering a shadow economy that supports a broader range of cyberattacks, including ransomware and financial fraud [2]. As attackers demonstrate increasing agility, cybersecurity professionals face ongoing challenges [2], resulting in an asymmetric arms race [2].

Conclusion

The escalation of infostealer attacks in the EMEA region underscores the urgent need for enhanced cybersecurity measures. Organizations must prioritize the implementation of robust security protocols, including the management of devices and the enforcement of strict BYOD policies. Additionally, the development of advanced authentication methods beyond traditional MFA is crucial to counteract the evolving tactics of cybercriminals. As the threat landscape continues to evolve, proactive and adaptive strategies will be essential in mitigating risks and safeguarding sensitive information against future cyber threats.

References

[1] https://www.bitmat.it/sicurezza/minacce-informatiche-allorizzonte-per-larea-emea/
[2] https://www.infosecurity-magazine.com/news/surge-in-infostealer-attacks-emea/
[3] https://itdaily.be/nieuws/beveiliging/check-point-ai-wape-of-doelwit/
[4] https://www.jeko.com/check-point-veroeffentlicht-aktuelle-emea-cyber-threat-intelligence-einblicke-auf-der-cpx-2025/